Microsoft ischilling out because Windows, IIS, Microsoft Account and Microsoft Azure “along with most Microsoft Services, were not impacted by the OpenSSL vulnerability.” Nor was “Windows’ implementation of SSL/TLS” impacted.

Oracle's advisory for its April patch bundle doesn't mention Heartbleed, but threads like this one suggest some Oracle products may have problems.

SAP appears not to have said anything about the vulnerability. This thread points to a regwalled item about Business Objects, which has no Heartbleed issues.

VMware, for example, has found 27 products that are potentially exposed to Heartbleed attacks, including its flagship ESXi 5.5 and vCenter Server 5.5. Citrix is worried about nine products, including important parts of the XenApp application streaming stack.

Symantec is “ … still investigating whether any of our products are impacted by this vulnerability” as of April 9th. EMC has posted an advisory, but users including your correspondent are complaining they cannot access it. Something to do with Salesforce.com authentication prevents access, which is useful. Not. Isilon products don't have problems, according to this thread. Speaking of Salesforce, it happily reports it is immune to the Heartbleed scourge.

HP says “... TippingPoint NGIPS, SMS and NGFW platforms, as well as the Threat Management Center (TMC) portal” are not in danger, but a more comprehensive statement about HP's exposure is hard to come by.